CVE-2023-46386

LOYTEC electronics GmbH LINX-212 firmware 6.2.4 and LINX-151 firmware 7.2.4 are vulnerable to Insecure Permissions via registry.xml file. This vulnerability allows remote attackers to disclose smtp client account credentials and bypass email authentication.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
http://packetstormsecurity.com/files/175952/Loytec-L-INX-Automation-Servers-Information-Disclosure-Cleartext-Secrets.html	Third Party Advisory VDB Entry
http://seclists.org/fulldisclosure/2023/Nov/7	Mailing List Third Party Advisory
https://www.txone.com/blog/ten-unpatched-vulnerabilities-in-building-automation-products-identified-by-txone-networks/

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:loytec:linx-212_firmware:6.2.4:*:*:*:*:*:*:*

cpe:2.3:h:loytec:linx-212:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:loytec:linx-151_firmware:7.2.4:*:*:*:*:*:*:*

cpe:2.3:h:loytec:linx-151:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2023-11-30 23:15

Updated : 2023-12-14 08:15

NVD link : CVE-2023-46386

Mitre link : CVE-2023-46386

CVE.ORG link : CVE-2023-46386

JSON object : View

Products Affected

loytec

linx-151_firmware
linx-212_firmware
linx-212
linx-151

CWE

CWE-312

Cleartext Storage of Sensitive Information

{"id": "CVE-2023-46386", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2023-11-30T23:15:07.520", "references": [{"url": "http://packetstormsecurity.com/files/175952/Loytec-L-INX-Automation-Servers-Information-Disclosure-Cleartext-Secrets.html", "tags": ["Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "http://seclists.org/fulldisclosure/2023/Nov/7", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.txone.com/blog/ten-unpatched-vulnerabilities-in-building-automation-products-identified-by-txone-networks/", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-312"}]}], "descriptions": [{"lang": "en", "value": "LOYTEC electronics GmbH LINX-212 firmware 6.2.4 and LINX-151 firmware 7.2.4 are vulnerable to Insecure Permissions via registry.xml file. This vulnerability allows remote attackers to disclose smtp client account credentials and bypass email authentication."}, {"lang": "es", "value": "LOYTEC electronics GmbH el firmware LINX-212 6.2.4 y el firmware LINX-151 7.2.4 son vulnerables a permisos inseguros a trav\u00e9s del archivo registry.xml. Esta vulnerabilidad permite a atacantes remotos revelar las credenciales de la cuenta del cliente SMTP y eludir la autenticaci\u00f3n de correo electr\u00f3nico."}], "lastModified": "2023-12-14T08:15:42.550", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:loytec:linx-212_firmware:6.2.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0C622E98-9108-440E-B554-EBE91708B534"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:loytec:linx-212:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "35956253-8D61-434C-9C03-96E6C69FB9C1"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:loytec:linx-151_firmware:7.2.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "963786BE-1AC2-4E6F-A69D-59AE1389C7DD"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:loytec:linx-151:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E62B5DA6-83D1-4582-B503-8A9B51A26E53"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}